Diffstat (limited to 'auth1.c')
-rw-r--r-- | auth1.c | 30 |
1 files changed, 8 insertions, 22 deletions
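--- a/auth1.c
+++ b/auth1.c
@@ -26,13 +26,8 @@ RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $");
 #include "session.h"
 #include "misc.h"
 #include "uidswap.h"
-#include "monitor.h"
-#include "monitor_wrap.h"
 
 /* import */
-extern int use_privsep;
-extern int mm_recvfd;
-
 extern ServerOptions options;
 
 /*
@@ -360,13 +355,12 @@ do_authloop(Authctxt *authctxt)
 * Performs authentication of an incoming connection. Session key has already
 * been exchanged and encryption is enabled.
 */
-Authctxt *
+void
 do_authentication(void)
 {
 Authctxt *authctxt;
-struct passwd *pw = NULL, *pwent;
+struct passwd *pw;
 u_int ulen;
-int allowed;
 char *p, *user, *style = NULL;
 
 /* Get the name of the user that we wish to log in as. */
@@ -388,26 +382,17 @@ do_authentication(void)
 authctxt->style = style;
 
 /* Verify that the user is a valid user. */
-if (!use_privsep) {
-pwent = getpwnam(user);
-allowed = pwent ? allowed_user(pwent) : 0;
-} else
-pwent = mm_getpwnamallow(mm_recvfd, user, &allowed);
-if (pwent && allowed) {
+pw = getpwnam(user);
+if (pw && allowed_user(pw)) {
 authctxt->valid = 1;
-pw = pwcopy(pwent);
+pw = pwcopy(pw);
 } else {
 debug("do_authentication: illegal user %s", user);
 pw = NULL;
 }
-/* Free memory */
-if (use_privsep)
-pwfree(pwent);
-
 authctxt->pw = pw;
 
-setproctitle("%s%s", use_privsep ? " [net]" : "",
-pw ? user : "unknown");
+setproctitle("%s", pw ? user : "unknown");
 
 #ifdef USE_PAM
 start_pam(pw == NULL ? "NOUSER" : user);
@@ -433,5 +418,6 @@ do_authentication(void)
 packet_send();
 packet_write_wait();
 
-return (authctxt);
+/* Perform session preparation. */
+do_authenticated(authctxt);
 }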
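Review bot: The call `do_authenticated(authctxt);` added at the end of do_authentication() hands the connection to session set-up with no visible check of the authentication result, so its safety rests on the code between the third and fourth hunks (not shown here) never falling through on failure. I would state that invariant next to the call, e.g. `/* Reached only after authentication has succeeded. */`, and extend the function's header comment to say that it no longer returns the Authctxt but goes on to run the session itself. In the third hunk `pw` first holds the getpwnam() result and is then overwritten by the pwcopy() result; a one-line comment above `pw = pwcopy(pw);` such as `/* getpwnam() returns static storage; keep a private copy */` would make the ownership of `authctxt->pw` clear.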